Share This Post

Startup

bugbounty.in – India’s First Crowd sourcing Security Testing Portal born on 16/06/13

I am really glad to present ,Something New.

Well First of its kind in India BUGBOUNTY.IN

About ME 

Nitish Mehta (A hacker , developer , innovator and Entrepreneur)

I Believe that if we work on something that we love then we  surely will be successful doing that.Well I love many things as mentioned above A hacker , developer , innovator and Entrepreneur , was finding how to do all this in one time , one place .

you can check out my profile in https://www.nitishmehta.in/

before explaining  what is  bugbounty.in . Let me Explain few Keywords 

What is Bug?

A software bug is an error, flaw, failure, or fault in a computer program or system that produces an incorrect or unexpected result, or causes it to behave in unintended ways.Similarly A security Bug is that benefits someone other than intended beneficiaries in the intended ways.

Simple terms that security Bugs are the reason for something getting hacked.

What is Bounty?

An amount of money or other reward offered by an organization for the capture of a person or thing

Similarly, a security bug bounty system – anyone who reports a valid critical security bug receives a $  cash reward for each report or some Goodies . As per pre decided Rewards

Some of successfully running private Bug Bounties are:

Facebook – https://www.facebook.com/whitehat/bounty/

Mozilla – https://www.mozilla.org/security/bug-bounty.html

Paypal – https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues

Google – https://www.google.com/about/company/rewardprogram.html

 

What is Crowd Sourcing?

The practice of obtaining needed services, ideas, or content by soliciting contributions from a large group of people, and especially from an online community, rather than from traditional employees or suppliers.

 

 

 

Successfully Running Crowd Sourcing Portal

What is bugbounty.in ?

 

  • It is a portal for penetration tester who can participate in different of Bug bounty ,they can  Win goodies, Cash prize and Much more.
  • A company can put there Bounties using our portal to have a secure and standard Bounty programs, so no malicious hacker can harm your Website.
  • We will collect all security flaws which will be  reported to us by our penetration tester , will format in perfect report for Managers , Techie and staffs with further guidance to solve bugs.
  • We will elect Bounty winner with reference to points system and announce winner with prize 

 

Currently we are under construction and hoping to start this program before end of this year!

We will love to host bounty programs for some Rodinhoods at minimal cost and for social venture for free

We have started Registrations for Both company Interested in Organizing Bug Bounty and Penetration Tester

Please check the Landing page and other links that can be make us social with you

www.bugbounty.in

https://www.facebook.com/bugbounty.in

https://twitter.com/bugbounty_in

https://plus.google.com/u/0/110813575863090917102

https://www.linkedin.com/company/illuminaitive-works/

https://delicious.com/bugbounty_in

Please Provide me with  your Valuable  Feedback and comments.

(Please don’t be a grammar NAZI and excuse my English  😉 )

Comments

Share This Post

7 Comments

  1. Hi, if i understand correctly – you help companies detect their security flaws? Let’s say I am a crowd sourced tester and I discover a security flaw at xyz.com. Meanwhile the company gets their report and fixes it – I can still do something malicious right? Sorry if my questions is too lame, just a thought that occured to me. 

  2. No ..!! reason are as below 

    1. you have an NDA clause with every tester .

    2. Codes will be tested in our site which wont revel your Identity , so you guys are safe .

    3.(logical one ) IF any one wants to do malicious then y he/she will report you ? 

  3. Ok, bought all your reasons 🙂 For the 3rd point – what if someone goes ahead and does something malicious, instead of reporting to you? Agreed that you have a NDA with every tester, but just voicing my suspicion.

    The overall idea is quite appealing : Just wondering why did you launch a .in ( India specific) service. I am sure the whole world will embrace security related startups with open arms.

    Thanks.

  4. See you forgetting 2 points here 

    1. We will be continuously watching action during Bounty time , we will make sure no one goes beyond certain point 

    2.there will be more than 100’s of ethical hacker trying to win BOUNTY , so it can be reported by some other .

    and question regarding .in , ya domain is .in but we will be working for any one around world and will have Ethical Hacker around world , my target is to at-least register 3000 before launch 

    bounty prize will be in USD only and also our charges .! 

  5. microsoft windows 8.1 bug bounty https://www.theverge.com/2013/6/19/4445546/microsoft-offers-windows-8-1-bug-bounty-100k-rewards 100k usd for finding one critical bug … 

  6. Hey Nitish,

    At first look your idea is really nice and appealing. 
    correct me if I am wrong here, you will be working in a way similar to a deal-aggregator like (eg: http://www.couponduniya.com) for bugs where all companies can post their sites and ask testers to locate bugs. 
    Those who locate the most bugs in accordance with the points system will be winning.

    Now I have the following questions:

    1. Can you explain your points system a bit more?
    2. How do you deal with a case where say 2 or more testers have found the same bugs?

    All in all, loved the idea!!

    Wish you all the best for it

    Kunal
     

  7. the points will be allocated according to scope of vulnerability , response time (i.e 1st person to report correct will get extra points ) , explanation with solution will get extra points .

    more points = more bounty

    I am currently making an algorithm for this were we can find who has preform better . which will reflect in their profile which can be useful for private bounty

    if 2 or tester has founded vul. and are able to explain also the reason with solution then prize will be split in n-ways

    and thank you for your wishes ..!!  

Comments are now closed for this post.

Lost Password

Register